Overview


I'm currently designing and building a new version of Eavesdrop. This version has a number of new features that could not be done with the underlying design of the current version and is - consequently - a complete "ground up" rewrite of the app.

I expect that this version will take a little while to produce, but I wanted to put out some intermediary steps to show people what I've been doing. (Also, since this version is plug-in based, I welcome anyone who wishes to contribute... the API is not completely stable, but it is getting there.)

Planned Features


Some things I would like to get into this version (marked as working for things that work in the current version, in progress for things that are only partially coded (may or may not be working to some extent), and planned for things where nothing has been done yet):

capture options
• local capture works with single authentication, not for each click on start (working)
• file based capture not done through background tool (working)
• remote capturing (one machine forwards for viewing on another) (in progress)
• save capture files in tcpdump format (planned)

packet handling
• store packets in original format (working)
• decode packet data with plugins (working)
• allow additional plugins to aggregate packets into collections (working)
• a wrapper for Ethereal dissectors or an easy way to convert them to ED plugins (planned, not likely)
• plugins will be able to define their own viewing windows (working)

payload plugins
• media plugins (planned)
• HTML page plugins (planned)

preferences
• default interface (done)
• other default capture settings (in progress)
• color preferences for viewing (working, more may be done)
• support for plugin preferences (working)

modular graphing
(not sure how this will work, probably with plugins as well)

default protocol support
• frame (i.e. Ethernet, localhost traffic, GRE... only Ethernet done)
• IP (done)
• TCP (in progress)
• UDP (planned)
• ICMP (planned)

others I'd like to support "out of the box" if I can
• DNS
• HTTP
• SMB


Preview versions


Soon I will offer a preview version for download along with source code. Check back here for updates periodically. (Although there is no planned release schedule, I may institute one if there is any interest from others in helping. Currently, however, this is a one-man show, and I have plenty of other things to keep me busy.)